Picture of clothing model

TK Maxx loses payment details

Customers are urged to check statements for fraudulent use of account data following attack

Written by Dave Friedlos and Tom Young

Computing, 25 Jan 2007

Retailer TK Maxx has warned UK customers that their credit and debit card details may have been stolen in a hacking attack on the computer systems of its parent company TJX.

TJX says the attack occurred in December, but, on the advice of investigative authorities, only alerted customers last week.

The intrusion hit systems that manage customer transactions such as credit card, debit card and refunded transactions. TJX has identified some information that has been stolen, but the full extent of the theft is unknown.

Chairman Ben Cammarata says information on transactions made between May and December last year may have been accessed and is advising customers to review bank and credit card statements carefully.

‘Since discovering this crime we have been working to protect customers and strengthen the security of our systems,’ he said.

TJX is working with General Dynamics and IBM to boost security and says a containment plan will prevent further intrusions.

David Roberts, chief executive of The Corporate IT Forum, says it appears the retailer may have underinvested in systems to protect information.

‘I do not know of any other retailer that has suffered a similar attack in recent years. It will require a major revision to ensure its systems are foolproof,’ he said.

Roberts says ecrime is a growing threat, and any firm that stores credit and debit card information is a target and faces severe damage to their reputation.

Just last week, Sweden’s largest bank Nordea suffered the biggest internet fraud in history. More than eight million kronor (£600,000) disappeared in three months as a result of tailor-made Trojans, affecting 250 customers.

Gartner security analyst Jay Heiser says informing customers immediately of breaches would not necessarily help as many individuals do not know what to do when notified that their information has been lost. ‘But if firms were forced to disclose information about breaches sooner there would be an incentive to improve security,’ he said.

What do you think? Email us at feedback@computing.co.uk

Further reading

Bank victim of phishing strike

Publicise the phishing facts

International phishing gang arrested

reader comments

related articles

 

Review 2007: IT security and e-crime

Computing's review of the year looks back at the top IT security and cybercrime stories 20 Dec 2007

Review 2007: IT in financial services

Computing looks at the big stories in financial services IT in our review of the past year 18 Dec 2007

Security

TK Maxx ruling prompts sales pitch

VARs urged to watch for retail sector security sales opportunities 14 Aug 2008

related whitepapers

today's top stories

Communications

Body Shop rolls out PCI system

Retailer hopes to benefit from improved customer data analysis 07 Oct 2008

Talking Outsourcing

Where to offshore (and why not here?)

Tholons, the research firm founded by well-known offshoring guru Avinash Vashistha , has just published some new research in Global Services magazine... 07 Oct 2008

Communications

The future of Ethernet

Where is Ethernet going? We look at the future of the widely-used networking technology. 07 Oct 2008

Management

The pIT stop Q&A: How can I measure the business success of IT applications?

Ou expert panel answers readers' real-life IT questions 07 Oct 2008

Small Business Focus

National Identity Fraud Prevention Week

Every Monday seems to mark the beginning of a new awareness drive and this week’s theme has particular importance to small businesses... 06 Oct 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you apply for a job that was advertised on Facebook or a similar social networking site?

Would you apply for a job that was advertised on Facebook or a similar social networking site?

The government is using Facebook to recruit IT staff - would you apply to such an ad?

Previous poll results

> More polls

Latest audio and video articles

Ethernet cableVideo

The future of Ethernet

Where is Ethernet going? We look at the future of the widely-used networking technology. 07 Oct 2008

Podcast imageAudio

Computing podcast - Next-generation broadband Britain; and we report from Gartner's IT security summit

In our latest podcast, we discuss the hurdles that a national fibre-optic network must overcome, and look at the issues discussed at the recent IT security conference 02 Oct 2008

> More audio and video

Latest in-depth articles

Features

How to ensure progress in programming

Best practice advice from Forrester Research 02 Oct 2008

BT workersAnalysis

Wanted: a viable model for fibre

While other European countries are pressing ahead with fibre rollouts, progress in the UK is being held back as the debate over who will foot the bill drags on, writes Dave Bailey 02 Oct 2008

> More in depth articles

Advertisement

Primary Navigation